First published: Fri May 16 2008(Updated: )
Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MantisBT | =1.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-2276 is classified as a medium severity vulnerability due to its potential for misuse via cross-site request forgery.
CVE-2008-2276 allows remote attackers to exploit a cross-site request forgery vulnerability to create new administrative users in Mantis 1.1.1.
CVE-2008-2276 affects users of Mantis version 1.1.1.
To fix CVE-2008-2276, upgrade Mantis to a version that addresses this vulnerability.
The potential impacts of CVE-2008-2276 include unauthorized access to administrative features and potential information breaches.